PHP :: Bug #27284 :: User Password in PHPInfo

Bug #27284	User Password in PHPInfo
Submitted:	2004-02-16 21:50 UTC	Modified:	2004-02-17 02:37 UTC
From:	adam at comsmart dot org	Assigned:
Status:	Not a bug	Package:	PHP options/info functions
PHP Version:	Irrelevant	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	adam at comsmart dot org
New email:
PHP Version:		OS:

New Comment:

[2004-02-16 21:50 UTC] adam at comsmart dot org

Description:
------------
When you call the phpinfo function, it posts your password on the resulting page. Therefore, you can not include a call to phpinfo on any public page, because people could get into your system. I think that the default call to phpinfo should not output the username/password of the owner of the file.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-02-17 02:37 UTC] helly@php.net

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

I assume you mean environment information which you can skip in the output (RTFM). Otherwise the function is never meant to be shown to every user.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sun Dec 22 03:01:28 2024 UTC